Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/o3YN5gk0pxmbgH4DHWhKH5_NcUc.roa
File: o3YN5gk0pxmbgH4DHWhKH5_NcUc.roa (raw, json)
Hash identifier: lkdWMlyeF/9MPfL9w8QA0TfNLL37R7UiaAzceDITCKI=
Subject key identifier: A3:76:0D:E6:09:34:A7:19:9B:80:7E:03:1D:68:4A:1F:9F:CD:71:47
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 018FF6EF47C59DD6EAD9D983D14BB7D3C638
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/o3YN5gk0pxmbgH4DHWhKH5_NcUc.roa
Signing time: Sat 08 Jun 2024 08:20:27 +0000
ROA not before: Sat 08 Jun 2024 08:20:27 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 834
IP address blocks: 5.102.96.0/20 maxlen: 24
5.102.96.0/21 maxlen: 24
5.102.124.0/22 maxlen: 24
Validation: Failed, certificate revoked on Mon 10 Jun 2024 12:07:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:f6:ef:47:c5:9d:d6:ea:d9:d9:83:d1:4b:b7:d3:c6:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Jun 8 08:20:27 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=a3760de60934a7199b807e031d684a1f9fcd7147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:57:cf:0c:dd:f9:03:ab:48:f5:83:70:d3:9b:
33:ba:38:aa:4f:25:51:f9:e4:99:60:27:33:23:ab:
7b:7b:79:a0:d6:24:72:00:74:9b:0a:1b:15:27:15:
66:2d:27:e3:2c:74:b1:98:a6:e0:c8:dc:46:d5:38:
9b:c7:56:25:e8:6d:b4:b7:cd:79:a7:5e:01:aa:61:
b5:c8:2b:5c:bc:66:d0:ad:c2:2f:c2:f8:36:47:ff:
e4:ae:89:1d:d3:1c:9e:be:85:34:f2:5d:b4:cd:ee:
2f:91:83:a9:bc:0e:37:c9:78:d8:c8:7e:19:37:3d:
25:40:3f:48:fb:25:57:23:09:9c:21:e6:6f:88:7c:
6a:19:74:e8:24:96:55:d2:88:53:43:e6:5f:92:67:
3e:e5:6e:69:ba:67:3e:de:58:df:c8:fd:a5:eb:c3:
0c:d3:8a:78:db:87:6e:db:1d:8a:2a:0a:6e:38:22:
a8:5a:a6:92:cc:f4:43:75:33:4c:b1:a4:c9:d5:1a:
5b:96:cb:6d:62:f0:8c:df:ac:f3:f3:29:10:3e:26:
b3:08:2a:09:29:b7:0d:3d:a3:df:8c:1d:ed:3c:df:
cd:9b:2d:37:28:ab:ee:7d:d4:61:f6:35:c7:09:22:
c7:0f:aa:19:98:c7:7b:4d:b1:ae:1e:21:df:17:a5:
ea:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:76:0D:E6:09:34:A7:19:9B:80:7E:03:1D:68:4A:1F:9F:CD:71:47
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/o3YN5gk0pxmbgH4DHWhKH5_NcUc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.96.0/20
5.102.124.0/22
Signature Algorithm: sha256WithRSAEncryption
09:48:d8:93:69:37:7a:d5:6a:31:a7:37:12:46:91:ad:a8:07:
3d:c0:a6:39:9d:8d:f3:e2:e9:41:77:97:73:d7:9a:c9:cb:61:
51:ca:f2:64:7d:93:18:19:36:f7:59:d0:7d:be:63:5b:4d:75:
5f:a2:30:68:1f:53:8f:8a:5a:dc:06:82:57:6c:01:30:6f:78:
0b:fc:25:cd:07:ba:ea:0e:5d:83:35:b2:01:a0:0b:3e:2b:cf:
66:ba:d7:20:54:06:8d:28:36:30:a6:3c:61:c4:f2:de:c7:ba:
51:79:c6:3f:e0:5c:cf:b4:9a:5d:d2:20:64:cb:e4:a6:dc:ba:
dd:ba:c4:93:b6:7b:a0:1a:22:b7:f7:e7:d1:29:bd:3e:da:e2:
19:ea:6d:13:b2:30:fa:b8:fd:c0:e7:72:c8:13:df:26:ac:e0:
10:ef:a6:9d:ed:fb:12:b0:3f:c1:1c:1b:94:8e:40:e2:f4:6f:
30:46:b4:46:39:e0:10:f8:b5:59:57:22:ec:af:0c:c2:81:10:
0f:b0:e6:b4:15:82:f4:6d:d9:de:2d:10:53:e1:3f:5b:cc:4a:
90:ff:49:25:b9:a3:2b:07:d1:a1:36:99:4b:b1:e4:eb:a8:c0:
30:13:8e:43:53:fe:1a:65:51:9f:81:b6:eb:63:a8:dc:d6:6f:
b9:10:bf:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAY/270fFndbq2dmD0Uu308Y4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjQwNjA4MDgyMDI3WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzc2MGRlNjA5MzRhNzE5OWI4MDdlMDMxZDY4NGExZjlmY2Q3MTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuFfPDN35A6tI9YNw05szujiqTyVR
+eSZYCczI6t7e3mg1iRyAHSbChsVJxVmLSfjLHSxmKbgyNxG1Tibx1Yl6G20t815
p14BqmG1yCtcvGbQrcIvwvg2R//krokd0xyevoU08l20ze4vkYOpvA43yXjYyH4Z
Nz0lQD9I+yVXIwmcIeZviHxqGXToJJZV0ohTQ+Zfkmc+5W5pumc+3ljfyP2l68MM
04p424du2x2KKgpuOCKoWqaSzPRDdTNMsaTJ1RpblsttYvCM36zz8ykQPiazCCoJ
KbcNPaPfjB3tPN/Nmy03KKvufdRh9jXHCSLHD6oZmMd7TbGuHiHfF6XqYwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFKN2DeYJNKcZm4B+Ax1oSh+fzXFHMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvbzNZTjVnazBweG1iZ0g0REhXaEtINV9OY1VjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQEBWZgAwQC
BWZ8MA0GCSqGSIb3DQEBCwUAA4IBAQAJSNiTaTd61WoxpzcSRpGtqAc9wKY5nY3z
4ulBd5dz15rJy2FRyvJkfZMYGTb3WdB9vmNbTXVfojBoH1OPilrcBoJXbAEwb3gL
/CXNB7rqDl2DNbIBoAs+K89mutcgVAaNKDYwpjxhxPLex7pRecY/4FzPtJpd0iBk
y+Sm3LrdusSTtnugGiK39+fRKb0+2uIZ6m0TsjD6uP3A53LIE98mrOAQ76ad7fsS
sD/BHBuUjkDi9G8wRrRGOeAQ+LVZVyLsrwzCgRAPsOa0FYL0bdneLRBT4T9bzEqQ
/0kluaMrB9GhNplLseTrqMAwE45DU/4aZVGfgbbrY6jc1m+5EL9n
-----END CERTIFICATE-----
Generated at Mon Jun 10 15:24:33 2024 by rpki-client on console-ams.rpki-client.org